Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : Novell (NOVL) dirt cheap, good buy? -- Ignore unavailable to you. Want to Upgrade?

To: Paul Fiondella who wrote (30091)	1/28/2000 4:37:00 PM
From: EPS	Read Replies (1) \| Respond to of 42771

For its part, Microsoft argued that the quick turnaround time on the bug fix reflects the company's commitment to customer concerns about security LOL! Microsoft patches Windows 2000 security hole By Stephanie Miles Staff Writer, CNET News.com January 28, 2000, 12:35 p.m. PT Microsoft achieved a dubious milestone this week, releasing the first security patch for its Windows 2000 operating system, despite the fact that the OS is still a few weeks away from its official release. The software giant this week released the security patch for two problems affecting the Microsoft Index Server, a file search engine included with Windows 2000, as well as Windows NT and Internet Information Server. Windows 2000 is the company's new corporate operating system, designed to run computers for large companies, Web sites and e-commerce services. Although the function affected by the glitch is not specific to Windows 2000, the vulnerability is somewhat embarrassing for Microsoft, given its recent struggles with security issues, its promotion of Windows 2000 as the most secure and reliable operating system to date, and the fact that the product has not yet even been officially released. Taken together, the security problems would allow a malicious user to learn where administrative files are stored on a Web server, then view and read the files, a Microsoft representative said. The bugs do not allow anyone to actually modify or gain access to the files themselves. Although it ranks low on the severity scale, the problem does raise questions as to whether Microsoft has overhyped the stability of the new operating system and its own internal bug-testing operation. Microsoft has called Windows 2000 the most heavily tested software release in the company's history. "For Windows 2000 users, of course, this patch is somewhat interesting, if only because it is the first update to the new operating system," wrote Paul Thurrott, in his WinInfo email newsletter. "It's also extremely disappointing from an administrative standpoint...because the patch requires you to reboot the machine once it's installed. One of the primary selling points of Windows 2000 is that it requires far fewer reboots than Windows NT 4.0." The patch for the problem, and background information on the glitch, is available on the Microsoft Web site. For its part, Microsoft argued that the quick turnaround time on the bug fix reflects the company's commitment to customer concerns about security. "The person who reported that this was an issue is someone who's been working closely with Microsoft," the representative said, noting that Microsoft has not been informed of any actual problems as a result of the vulnerability. "This is not an issue where a malicious instance actually happened." A possible reason: Microsoft does not officially release the software until Feb. 17, at a launch event in San Francisco. The first collection of Windows 2000 bug fixes, known as a service pack, is expected to be released in June.